Subject | Re: [IB-Architect] Including encryption |
---|---|
Author | Bill Karwin |
Post date | 2000-04-29T22:22:19Z |
Doug Chamberlin wrote:
o The state of the art of encryption moves too quickly for
InterBase to keep up.
o Once InterBase claims to support encryption, the vendor accepts
a level of liability for security that too high.
o An InterBase-only encryption mechanism is useless.
Any security package that an IT shop chooses must account for
any type of traffic, which is typically email, file access,
http, and perhaps telnet.
their network encryption and security.
For example, this week, I was working with a web-hosting company who
insists that we access their machines using a VPN mechanism, connecting
using IPSec. Additionally, they insisted that if I telnet into the
machine, that I use ssh, not plain telnet protocol. It seems kind of
redundant to encrypt by session when I'm already using an encrypted IP
stack, but that's what they wanted.
If I needed to do a client/server connection, and I said, "My RDBMS has
built-in encryption on the wire!" I predict that they would say, "Good
for you. You can connect using your software, _on top of_ our VPN's
IPSec connection."
Most shops won't trust encryption that is bundled with an application.
They've done their independent research and settled on their network
security implementation, and they have a policy that anything -- even
encrypted traffic -- has to use their secure connection.
includes encryption or not. The people running the VPN won't allow
*anything* to come into their network that isn't using *their* security
mechanism.
open up more ports than they have to. They prefer that if you need to
use a port, you use a "tunnel" on their preferred security
implementation. They are *not* going to open up port 3050, even if
InterBase includes encryption technology.
Bill Karwin
>Me too. My reasons are:
> I have long been in the camp that says that encryption of
> client-server communications belongs outside the sphere and
> responsibility of the database server vendor.
o The state of the art of encryption moves too quickly for
InterBase to keep up.
o Once InterBase claims to support encryption, the vendor accepts
a level of liability for security that too high.
o An InterBase-only encryption mechanism is useless.
Any security package that an IT shop chooses must account for
any type of traffic, which is typically email, file access,
http, and perhaps telnet.
> However, there are some practical problems whichThe problems are typically not technical, but bureaucratic in nature.
> would be easily solved if this could be included.
> If a buyer asks about the security of theA security-conscious site *wants* application-independent control over
> client-server communications, this vendor currently says, "That's up
> to your overall network communication security." But when client-server
> communications cannot be controlled as to when and from where they
> occur, this answer is tantamount to saying, "You have no predictable security
> at all".
their network encryption and security.
For example, this week, I was working with a web-hosting company who
insists that we access their machines using a VPN mechanism, connecting
using IPSec. Additionally, they insisted that if I telnet into the
machine, that I use ssh, not plain telnet protocol. It seems kind of
redundant to encrypt by session when I'm already using an encrypted IP
stack, but that's what they wanted.
If I needed to do a client/server connection, and I said, "My RDBMS has
built-in encryption on the wire!" I predict that they would say, "Good
for you. You can connect using your software, _on top of_ our VPN's
IPSec connection."
Most shops won't trust encryption that is bundled with an application.
They've done their independent research and settled on their network
security implementation, and they have a policy that anything -- even
encrypted traffic -- has to use their secure connection.
> The hassles we are facing for achieving a uniform level of TCP/IPMy point is that these hassles won't be reduced, whether InterBase
> security, via a software-based VPN solution are formidable.
includes encryption or not. The people running the VPN won't allow
*anything* to come into their network that isn't using *their* security
mechanism.
> All that would be left would be to ensure that the port in use was allowedThis is another problem. Secure networks typically are not eager to
> to be used.
open up more ports than they have to. They prefer that if you need to
use a port, you use a "tunnel" on their preferred security
implementation. They are *not* going to open up port 3050, even if
InterBase includes encryption technology.
Bill Karwin